nano-banana-2

Pass

Audited by Gen Agent Trust Hub on Jul 13, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute the runcomfy CLI tool. The documentation explicitly notes that user input is passed as a JSON string to avoid shell expansion vulnerabilities.
  • [CREDENTIALS_UNSAFE]: References standard credential management for the RunComfy service, utilizing either a local configuration file (~/.config/runcomfy/token.json) with owner-only permissions or the RUNCOMFY_TOKEN environment variable. This follows security best practices.
  • [EXTERNAL_DOWNLOADS]: Fetches generated image outputs from *.runcomfy.net and *.runcomfy.com. The skill documentation describes a built-in whitelist and a 2 GiB file size cap to mitigate potential disk-exhaustion or exfiltration risks.
  • [PROMPT_INJECTION]: No malicious prompt injection patterns were detected. The skill provides guidance on effective prompting and acknowledges the inherent risks of image-based prompt injection in external models as a known technical limitation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 13, 2026, 07:37 AM
Security Audit — agent-trust-hub — nano-banana-2